The history and body of art surrounding the ciphering of information dates back over two millennia. This is a rich field of practice. The first major significant advancement in cryptography in the modern era was offered by (RSA) Rivest, Shamir and Adlemen in their invention (U.S. Pat. No. 4,405,829). Subsequent directions in block ciphers ushered in by the National Institute for Standards and Technologies (NIST) release of the Advanced Encryption System (AES) have expanded the art another generation. Most recently the use of Elliptic Curve Cryptography (ECC) has opened up yet another new direction in cryptography. There is an ever expanding field of art in Public Key Infrastructure, Key Derivation and Exchange Methods and more. Each succeeding generation of encryption algorithms has advanced the art. However, each method heretofore has been limited to a nature that is uni-functional and not extensible.
Society is increasingly relying on cryptographic systems to secure a great many applications covering virtually every aspect of modern life including financial systems, health care information, electronic communications from simple messaging to global video teleconferencing, military and surveillance applications, corporate asset protection and more. Simultaneously, as virtually all of this data is now instantiated in computer systems by necessity, a wide range of opportunists, thieves, other malicious actors, nation-states and more, are regularly attacking cyber resources, including encrypted resources, and compromising the digital assets contained in those systems. Existing solutions from RSA to AES are increasingly vulnerable to a variety of clever social engineering, brute force and mathematical attacks that weaken their ability to protect the data assets they are used to secure. Furthermore, as the volume of users increases, the volume and rate of data being securely stored or transmitted is increasing non-linearly. In some situations, existing art is insufficient to meet these demands. For example, block cipher systems such as DES and AES introduce network latencies that make high definition video conferencing impractical in all but the most expensive hardware-augmented solutions.
Each cryptographic method offers its own set of advantages and disadvantages. Only a system utilizing a One Time Pad (OTP) approach, properly implemented, can offer “information-theoretically secure” encryption (meaning that the system remains secure even if an adversary has unlimited computing resources and power). The OTP was invented by Gilbert Vernam in 1918. Claude Shannon subsequently proved mathematically, as published in the Bell Labs Technical Journal in 1949, that properly implemented OTPs were information-theoretically secure. However, in order to meet Shannon's rubric for being properly implemented, there are four elements that have historically proven difficult enough to implement to make an OTP less than a practical solution.
These requirements are:                The OTP must be a single cipher key that is non-repeating and is equal or greater in length than the plaintext which is being ciphered        The OTP must be held in complete secrecy known only to the trusted parties        (ideally, never exchanged)        The OTP must never be used again        The OTP must be indistinguishable from random data        
Each of these requirements, taken alone, has significant and daunting practical implications, but when considered together, until now, no practical solution has emerged.
Shannon's requirements mean that two or more parties be able to use a new and different internally random OTP for every exchange of secured data; that the OTP be of equal or greater length than the plaintext and, ideally, never exchanged by the trusted parties. Clearly, in modern systems where data sizes are often megabytes, gigabytes or terabytes in size—it is impractical to generate a sufficiently long and randomized OTP and find a way to securely transmit that OTP to the recipient. One Time Pads offer so-called perfect secrecy, but, historically, at too high a cost to be practical.
Additionally, historically, encryption systems have intimately tied encryption keys (authentication factors) to pass-phrases, biometrics, or software and/or hardware-based symmetric/asymmetric keys alone (either public or private). In some cases, implementations of various cryptographic algorithms in software or hardware have accepted more than one authentication factor. For example, an AES-256 implementation could require both a passphrase and a fingerprint for authentication to encrypt/decrypt. However, these are typically combined using a variety of methods into a single authentication input and thus form a single key of known 256 bits of length/strength (as in the case of AES-256). More than one authentication factor, while it has added entropy to the finite number of bits available, has not typically meant an increase in bits of strength of encryption. Therefore, historically, multi-factor authentication offers increased security, but only in as much as it adds entropy, not bits of strength, to the encryption.
Thus, a need exists for an approach to encryption that offers real and practical solutions to Shannon's requirements, as well as an approach that offers real multi-factor authentication that actually increases security, as well as entropy and that outperforms block cipher solutions to facilitate real-world and relevant data streaming and other applications.